github-trending-cn
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with the official GitHub Search API (api.github.com) to retrieve repository information, which is a well-known and trusted service.
- [SAFE]: The implementation uses only Python's standard library modules (such as urllib, json, and argparse), avoiding risks associated with third-party dependencies.
- [SAFE]: Secret management is handled according to best practices; the GitHub Personal Access Token is retrieved from environment variables or user input and is correctly used in HTTP headers for the official API call.
- [SAFE]: While the skill ingests external content such as repository descriptions, the data is only used for output formatting and is truncated, which mitigates potential indirect prompt injection concerns.
Audit Metadata